Sr. Security Analyst, Cyber Security Operations Center (CSOC)

T-Mobile

Snoqualmie, WA

Industry: Telecommunications.


5 - 7 years

Posted 241 days ago

This job is no longer available.

The Senior Security Analyst is a key member of the 24x7 Cyber Security Operations Center (CSOC), monitoring and analyzing real-time network and security events and incidents in order to mitigate risk to T-Mobile's systems, services and information assets. This is a high-profile, fast-paced role that interfaces across the entire company and at all levels of the organization.

The Senior Security Analyst owns the successful completion of all investigations and procedures executed during their presence in the CSOC. The Senior Analyst will follow the incident handling life-cycle to contain and remediate cybersecurity threats. Senior Analysts are responsible for ensuring the integrity and quality of the monitoring and response process, performing in-depth analysis and investigation into suspected malicious activity as needed.



The role of a Senior Security Analyst is the detailed and repeatable execution of all operational tasks as documented in processes and subordinate procedures, specifically:

  • Execute the duties of the Security Analyst as required
  • Monitor & assess Security Analyst performance by performing quality assurance of all cases investigated by the CSOC
  • Approve and, if necessary, further investigate Analyst-escalated cases
  • Mentor junior analysts to improve detection & response capability within the CSOC
  • Manage CSOC event and information intake to include gathering intelligence reports, monitoring ticket queues, investigating reported incidents, and interacting with other security and network groups as necessary
  • Serve as detection authority for initial incident declaration
  • Function as shift subject-matter experts (SMEs) on incident detection and analysis techniques, providing guidance to junior analysts and making recommendations to organizational managers
  • Drive and monitor shift-related metrics processes ensuring applicable reporting is gathered and disseminated per CSOC requirements.
  • Monitor CSOC work queue(s) for potential event reporting from outside entities and individual users
  • Maintain CSOC shift logs with relevant activity from analyst shift
  • Document investigation results, ensuring relevant details are passed to identified escalation parties as required
  • Update or reference CSOC knowledge management repository as necessary for changes to CSOC processes and procedures
  • Conduct security research and intelligence gathering on emerging threats and exploits




  • 4-5 years of experience as a SOC analyst or equivalent experience
  • 6 years of experience in technology operations
  • Conversant with security concepts and techniques
  • Understanding of incident handling, forensic analysis, and log correlation
  • Experience investigating security events, threats and/or vulnerabilities
  • Demonstrable knowledge of networking (TCP/IP, topology, OSI model and security), operating systems (Windows/UNIX/Mac), and web applications
  • Ability to read and understand system data, including, but not limited to, security event logs, system logs, and firewall logs
  • High degree of attention to detail
  • Have obtained or are working towards security certifications (Security+, CEH, GCIA, GCIH or other related and equivalent security certifications)
  • Experience with HP ArcSight or other SIEM and log management solutions
  • Requires shift work in a 24x7 Cyber Security Operations Center and availability for on-call rotation as needed

A Plus to Have

  • Experience with Shell scripting and a systems administration background
  • Experience in administration and maintenance of enterprise networks